Tivix/django-rest-auth
1
1
Fork 0
mirror of https://github.com/Tivix/django-rest-auth.git synced 2025-02-17 02:10:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added non existing e-mail validation on password reset

Browse Source 
+ small cleanup
This commit is contained in:
mario 2015-11-23 22:17:32 +01:00
parent 52283aed70
commit d9b8f3faf6
2 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
rest_auth/serializers.py
View File

@ -94,7 +94,7 @@ class UserDetailsSerializer(serializers.ModelSerializer):
User model w/o password User model w/o password
""" """
class Meta: class Meta:
model = get_user_model() model = UserModel
fields = ('username', 'email', 'first_name', 'last_name') fields = ('username', 'email', 'first_name', 'last_name')
read_only_fields = ('email', ) read_only_fields = ('email', )
@ -113,7 +113,11 @@ class PasswordResetSerializer(serializers.Serializer):
# Create PasswordResetForm with the serializer # Create PasswordResetForm with the serializer
self.reset_form = self.password_reset_form_class(data=self.initial_data) self.reset_form = self.password_reset_form_class(data=self.initial_data)
if not self.reset_form.is_valid(): if not self.reset_form.is_valid():
raise serializers.ValidationError('Error') raise serializers.ValidationError(_('Error'))
if not UserModel.objects.filter(email=value).exists():
raise serializers.ValidationError(_('Invalid e-mail address'))
return value return value
def save(self): def save(self):

19
rest_auth/tests.py
View File

@ -160,13 +160,9 @@ class APITestCase1(TestCase, BaseAPITestCase):
result = {} result = {}
from django.utils.encoding import force_bytes from django.utils.encoding import force_bytes
from django.contrib.auth.tokens import default_token_generator from django.contrib.auth.tokens import default_token_generator
from django import VERSION from django.utils.http import urlsafe_base64_encode
if VERSION[1] == 5:
from django.utils.http import int_to_base36 result['uid'] = urlsafe_base64_encode(force_bytes(user.pk))
result['uid'] = int_to_base36(user.pk)
else:
from django.utils.http import urlsafe_base64_encode
result['uid'] = urlsafe_base64_encode(force_bytes(user.pk))
result['token'] = default_token_generator.make_token(user) result['token'] = default_token_generator.make_token(user)
return result return result
@ -338,6 +334,15 @@ class APITestCase1(TestCase, BaseAPITestCase):
} }
self.post(self.login_url, data=payload, status_code=200) self.post(self.login_url, data=payload, status_code=200)
def test_password_reset_with_invalid_email(self):
get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS)
# call password reset
mail_count = len(mail.outbox)
payload = {'email': 'nonexisting@email.com'}
self.post(self.password_reset_url, data=payload, status_code=400)
self.assertEqual(len(mail.outbox), mail_count)
def test_user_details(self): def test_user_details(self):
user = get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS) user = get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS)
payload = { payload = {